Prevention of XSS Attack

BBCode.Net is currently not able to block XSS Attack (Cross-site Scripting). You have to implement your own AntiXSS engine. There is a nice AntiXSS engine provided by Microsoft (Read more: Microsoft Web Protection
Library)